Owners of objects can use co-owner protection to specify for which of their objects they want to designate co-owners and the access conditions that co-owners must fulfil in order to perform administrative accesses. The object owner is the user ID that sets up the object. In HSMS, these objects can be files, job variables, and archives. The co-ownership of an archive is implemented in HSMS by creating a co-owner for the associated archive directory. Furthermore, HSMS supports co-ownership for input and output files and the job variables to be monitored.

The co-owner of an archive can then treat this archive as if it were their own. The only thing they cannot do is modify the archive attributes.

A co-owner is a user ID which is different from that of the owner. However, for the object in question this user ID possesses the same rights as the owner.

In general, the following applies to co-owners: all read, write and execute accesses to files are controlled by means of the rules of the traditional file security mechanisms:

• If a file is protected by USER-ACCESS, ACCESS or BASIC-ACL, a co-owner has the same read, write and execute rights as the file owner.

• If a file is protected by guards, access is controlled via the evaluation of access conditions that are defined in STDAC guards.

Co-owners can be defined, modified, or viewed using the BS2000 commands ADD-/MODIFY-COOWNER-PROTECTION-RULE and ADD-/MODIFY-/REMOVE-/SHOW-ACCESS-CONDITIONS.

For more detailed information on co-ownership, refer to the “SECOS” manual [16].